Machine learning is a tool and the bad guys are using it

On Friday, Chillisoft’s inaugural CybersecCon was held in Auckland to a crowd of MSPs and cybersecurity professionals from across New Zealand, but the overarching message of the conference was global - we need data analysis and the machine learning that enables it for any good cybersecurity strategy.

The event’s keynote speaker was KPMG NZ CIO Cowen Pettigrew who outlined the need for a new, concentric approach to securing an organisation.

“Outside in, and inside out. Everything has an IP address. Trust is not a given so you need to form a data-driven, concentric view,” he begins.

A concentric view, we learn, is one that not only considers the data that is coming into an organisation but also that which is leaving - for every layer of protection against infiltration, you need the equivalent protections against exfiltration.

Pettigrew recognises that there are significant barriers when it comes to trying to implement a data-driven strategy, which is where the technology of the day comes in.

“You’ll never have enough staff or the necessary skills on tap so form a data concentric model and invest in machine learning technology… Our model is designed to provide a centralised data warehouse that supports the ability for machine learning and AI-based tools, alongside our human data scientists, to interrogate and visualise the data at speed, as needed. Now, having built the architecture, our 2019 roadmap is to embed our enterprise application suites and make some choices.”

This is not an easy task to perform, even with the resources of KPMG, Pettigrew and his team have taken around 12 months to get to where they are now, and going forward it is only going to get more difficult as they begin to integrate a complex array of applications.

“Create data integration functionality within local API's to develop a single pane of glass and avoid what I call islands of integration on disconnected applications,” he advises.

“All over the place, I'm seeing all kinds of problems with an inability for applications to talk. Also, real-time information sharing means we can leverage the strength of the global cybersecurity knowledge.”

To build on Pettigrew’s advocation for machine learning, ESET’s Slovakia-based CTO Juraj Malcho addressed the crowd after winging all the way to New Zealand.

Malcho spoke about the mass perception of AI and machine learning, and how people are being conditioned to fear it before they even know what it is.

“Typically, people like destruction and problems,” Malcho points out.

“They listen to or read the news and are looking for war or conflict. I don't know why we're programmed this way but it's so easy to exploit this behaviour. So, what is artificial intelligence to these people? They think it’s mysterious, it's intangible, and it's evil. But really it’s mathematics. It's not something that came out of outer space, it was invented by humans. It doesn’t even feed itself inputs.”

Malcho’s presentation was not about trying to panic anyone and not about trying to sell any solutions, but about helping cybersecurity experts realise that the other guys can innovate too and so we need to get over the panic around AI.

Today, a phishing scam will be targeted at someone, by someone - but tomorrow, a machine might use our online or breached data to do that work at scale, automatically.

“If you have automation, you can make it a problem for everyone, that’s the difference, that’s the problem I see with AI/ML today. Yes, one person might go after a CEO or CFO, and so on, but it's expensive and it takes time. But what if a machine does it for you? And you can add everyone, every Grandma, every person on this planet? Then almost everyone will be under a sophisticated or semi-sophisticated attack.”